Jump to content

jillianm

Members
  • Posts

    7
  • Joined

  • Last visited

Reputation

0 Neutral
  1. Well, ESET found 11 things. Here's the log. C:\ProgramData\Spybot - Search & Destroy\Recovery\SmitfraudCgeneric.zip Win32/Bagle.gen.zip worm cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.22.51\mbr0000\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.22.51\mbr0000\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.22.51\mbr0000\tdlfs0000\tsk0003.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.22.51\mbr0000\tdlfs0000\tsk0007.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.22.51\mbr0000\tdlfs0000\tsk0008.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.42.24\tdlfs0000\tsk0000.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.42.24\tdlfs0000\tsk0001.dta Win64/Olmarik.AD trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.42.24\tdlfs0000\tsk0003.dta Win64/Olmarik.AC trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.42.24\tdlfs0000\tsk0007.dta Win32/Olmarik.AWO trojan cleaned by deleting - quarantined C:\TDSSKiller_Quarantine\03.02.2012_18.42.24\tdlfs0000\tsk0008.dta Win64/Olmarik.X trojan cleaned by deleting - quarantined
  2. The scan completed with no malicious items detected. Hopefully I'm all set. I will download one of your antivirus suggestions. Thanks for your help.
  3. Here is the new FFS report, it looks good. Is my system now free of spyware? If so, can you recommend an antivirus/malware program to use on a daily basis? All the ones I've tried (Mcafee, Norton) have missed several things. Thank you- Farbar Service Scanner Version: 05-02-2012 Ran by Jill End Room (administrator) on 06-02-2012 at 13:21:33 Running from "C:\Users\Jill End Room\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Yahoo IP is accessible. Windows Firewall: ============= Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ Windows Update: =========== wuauserv Service is not running. Checking service configuration: The start type of wuauserv service is OK. The ImagePath of wuauserv service is OK. The ServiceDll of wuauserv service is OK. File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  4. Elise, I disabled Mcafee but Combofix still said it was activated. So, I went ahead and uninstalled Mcafee Total Protection from Add/Remove programs, rebooted, and reran combofix - and somehow it still said it was active. I ran Combofix anyway. Here's the report. ComboFix 12-02-06.02 - Jill End Room 02/06/2012 12:21:16.1.4 - x64 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6103.4523 [GMT -5:00] Running from: c:\users\Jill End Room\Desktop\ComboFix.exe AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:\Thumbs.db c:\users\Jill End Room\AppData\Roaming\ACD Systems\ACDSee\ImageDB.ddf c:\users\Jill End Room\AppData\Roaming\RIFT c:\users\Jill End Room\AppData\Roaming\RIFT\rift.cfg . . ((((((((((((((((((((((((( Files Created from 2012-01-06 to 2012-02-06 ))))))))))))))))))))))))))))))) . . 2012-02-05 18:37 . 2011-12-08 23:11 34624 ----a-w- c:\windows\system32\TURegOpt.exe 2012-02-05 18:37 . 2011-12-08 23:11 25920 ----a-w- c:\windows\system32\authuitu.dll 2012-02-05 18:37 . 2011-12-08 23:11 21312 ----a-w- c:\windows\SysWow64\authuitu.dll 2012-02-05 18:36 . 2012-02-05 18:36 -------- d-----w- c:\users\Jill End Room\AppData\Roaming\TuneUp Software 2012-02-05 18:36 . 2012-02-05 18:37 -------- d-----w- c:\program files (x86)\TuneUp Utilities 2012 2012-02-05 18:36 . 2012-02-05 18:37 -------- d-----w- c:\programdata\TuneUp Software 2012-02-05 18:36 . 2012-02-05 18:36 -------- d-sh--w- c:\programdata\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-02-05 16:59 . 2012-02-05 16:59 -------- d-----w- c:\program files (x86)\stinger 2012-02-05 16:57 . 2012-02-05 16:57 -------- d-----w- c:\users\Jill End Room\AppData\Roaming\SUPERAntiSpyware.com 2012-02-05 16:57 . 2012-02-05 16:57 -------- d-----w- c:\program files\SUPERAntiSpyware 2012-02-05 16:57 . 2012-02-05 16:57 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2012-02-03 23:23 . 2012-02-03 23:46 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-03 22:54 . 2012-02-05 18:35 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2012-02-03 22:54 . 2012-02-05 18:35 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2012-01-30 16:36 . 2012-01-30 16:36 -------- d-----w- c:\users\Jill End Room\AppData\Local\CyberLink 2012-01-30 16:36 . 2012-01-30 16:36 -------- d-----w- c:\users\Jill End Room\AppData\Local\PowerCinema 2012-01-30 05:00 . 2012-01-30 05:00 -------- d-----w- c:\users\Public\CyberLink 2012-01-23 02:49 . 2012-02-06 17:05 -------- dc----w- c:\windows\system32\DRVSTORE 2012-01-23 02:49 . 2012-01-23 02:49 -------- d-----w- c:\users\Jill End Room\AppData\Local\McAfee Anti-Theft 2012-01-23 02:37 . 2012-02-06 17:13 -------- d-----w- c:\programdata\McAfee 2012-01-14 18:13 . 2012-02-05 22:23 -------- d-----w- c:\program files (x86)\World of Warcraft 2012-01-14 18:13 . 2012-01-14 18:14 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment 2012-01-14 18:12 . 2012-01-14 19:11 -------- d-----w- c:\programdata\Blizzard Entertainment 2012-01-11 15:57 . 2011-10-26 05:25 1572864 ----a-w- c:\windows\system32\quartz.dll 2012-01-11 15:57 . 2011-10-26 04:32 1328128 ----a-w- c:\windows\SysWow64\quartz.dll 2012-01-11 15:57 . 2011-10-26 05:25 366592 ----a-w- c:\windows\system32\qdvd.dll 2012-01-11 15:57 . 2011-10-26 04:32 514560 ----a-w- c:\windows\SysWow64\qdvd.dll 2012-01-11 15:57 . 2011-11-17 06:41 1731920 ----a-w- c:\windows\system32\ntdll.dll 2012-01-11 15:57 . 2011-11-17 05:38 1292080 ----a-w- c:\windows\SysWow64\ntdll.dll 2012-01-11 15:57 . 2011-11-19 14:58 77312 ----a-w- c:\windows\system32\packager.dll 2012-01-11 15:57 . 2011-11-19 14:01 67072 ----a-w- c:\windows\SysWow64\packager.dll 2012-01-07 21:15 . 2012-02-03 05:04 45016 ----a-w- c:\program files (x86)\Mozilla Firefox\mozutils.dll 2012-01-07 21:15 . 2012-01-07 21:15 626688 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcr80.dll 2012-01-07 21:15 . 2012-01-07 21:15 548864 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcp80.dll 2012-01-07 21:15 . 2012-01-07 21:15 479232 ----a-w- c:\program files (x86)\Mozilla Firefox\msvcm80.dll . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-01-06 21:58 . 2012-01-06 21:58 539984 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-01-06 21:40 . 2012-01-06 21:40 737072 ----a-w- c:\programdata\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2012-01-06 21:40 . 2012-01-06 21:40 4283672 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-01-06 21:39 . 2012-01-06 21:39 42776 ----a-w- c:\programdata\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-01-06 16:28 . 2011-03-19 19:46 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys 2011-12-25 18:19 . 2011-12-25 18:19 414368 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-11-24 04:52 . 2011-12-16 20:14 3145216 ----a-w- c:\windows\system32\win32k.sys . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Aim"="c:\program files (x86)\AIM\aim.exe" [2011-01-05 4321112] "SpybotSD TeaTimer"="c:\program files (x86)\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] . [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2010-11-23 98304] "IAStorIcon"="c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" [2010-03-04 284696] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa] Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS] @="" . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-] "HP Software Update"=c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" "BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices "Norton Online Backup"=c:\program files (x86)\Symantec\Norton Online Backup\NOBuClient.exe "PDF Complete"=c:\program files (x86)\PDF Complete\pdfsty.exe . R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] R2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x] R3 amdkmdag;amdkmdag;c:\windows\system32\DRIVERS\atikmdag.sys [x] R3 amdkmdap;amdkmdap;c:\windows\system32\DRIVERS\atikmpag.sys [x] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys [x] R3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;c:\windows\system32\DRIVERS\netr28ux.sys [x] R3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4925184] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys [x] R4 RoxioNow Service;RoxioNow Service;c:\program files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-09-11 399344] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2011-07-22 14928] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2011-07-12 12368] S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-08-11 140672] S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [x] S2 BackupService;BackupService;c:\users\Jill End Room\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2010-07-01 83512] S2 cvhsvc;Client Virtualization Handler;c:\program files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664] S2 HPClientSvc;HP Client Services;c:\program files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-08-06 291896] S2 HPDrvMntSvc.exe;HP Quick Synchronization Service;c:\program files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-08-21 92216] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-03-04 13336] S2 InfiniTVSvc;Ceton InfiniTV Service;c:\program files\Ceton Corp\Ceton InfiniTV\InfiniTVSvc.exe [2011-10-15 69392] S2 InfiniTVTAHSP;Ceton Tuning Adapter Host Service;c:\program files\Ceton Corp\Ceton InfiniTV\TAHSP.exe [2011-10-15 89088] S2 NOBU;Norton Online Backup;c:\program files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe SERVICE [x] S2 pdfcDispatcher;PDF Document Manager;c:\program files (x86)\PDF Complete\pdfsvc.exe [2010-10-22 1121304] S2 RalinkRegistryWriter64;Ralink Registry Writer 64;c:\program files (x86)\Encore\Common\RaRegistry64.exe [2009-10-20 212256] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 sftlist;Application Virtualization Client;c:\program files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-09-14 508264] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-01-07 378984] S2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-08 2123584] S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2320920] S3 ceton_mocur;Ceton InfiniTV Network Device;c:\windows\system32\DRIVERS\ceton_mocur.sys [x] S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [x] S3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda64v.sys [x] S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 Sftfs;Sftfs;c:\windows\system32\DRIVERS\Sftfslh.sys [x] S3 Sftplay;Sftplay;c:\windows\system32\DRIVERS\Sftplaylh.sys [x] S3 Sftredir;Sftredir;c:\windows\system32\DRIVERS\Sftredirlh.sys [x] S3 Sftvol;Sftvol;c:\windows\system32\DRIVERS\Sftvollh.sys [x] S3 sftvsa;Application Virtualization Service Agent;c:\program files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-09-14 219496] S3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-02 11856] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - WS2IFSL . Contents of the 'Scheduled Tasks' folder . 2012-02-05 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2212324616-788831020-68712354-1000Core.job - c:\users\Jill End Room\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 02:26] . 2012-02-06 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2212324616-788831020-68712354-1000UA.job - c:\users\Jill End Room\AppData\Local\Google\Update\GoogleUpdate.exe [2011-03-20 02:26] . 2012-01-16 c:\windows\Tasks\HPCeeScheduleForJILLENDROOM-HP$.job - c:\program files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-14 06:15] . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe" [2008-11-20 62768] "SmartMenu"="c:\program files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe" [2010-09-15 611896] "itype"="c:\program files\Microsoft IntelliType Pro\itype.exe" [2010-07-21 2306448] "EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2011-10-07 1744152] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x0 . ------- Supplementary Scan ------- . uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105 FF - ProfilePath - c:\users\Jill End Room\AppData\Roaming\Mozilla\Firefox\Profiles\aizpnd0b.default\ FF - prefs.js: browser.startup.homepage - yahoo.com FF - prefs.js: network.proxy.type - 0 FF - user.js: general.useragent.extra.brc - FF - user.js: network.protocol-handler.warn-external.dnupdate - false . - - - - ORPHANS REMOVED - - - - . Notify-LBTWlgn - (no file) AddRemove-{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8} - c:\program files (x86)\InstallShield Installation Information\{B1A4A13D-4665-4ED3-9DFE-F845725FBBD8}\setup.exe . . . [HKEY_LOCAL_MACHINE\system\ControlSet001\services\pdfcDispatcher] "ImagePath"="c:\program files (x86)\PDF Complete\pdfsvc.exe /startedbyscm:66B66708-40E2BE4D-pdfcService" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil10h_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash10h.ocx, 1" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}] @Denied: (A 2) (Everyone) @="IFlashBroker4" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3] @Denied: (A) (Everyone) . [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe c:\program files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe c:\program files (x86)\Encore\Common\RaRegistry.exe . ************************************************************************** . Completion time: 2012-02-06 12:30:54 - machine was rebooted ComboFix-quarantined-files.txt 2012-02-06 17:30 . Pre-Run: 790,135,963,648 bytes free Post-Run: 793,292,242,944 bytes free . - - End Of File - - 96B5672A1F491A8DD84E669A60126717
  5. Hi Elise, here is the file you requested: Farbar Service Scanner Version: 05-02-2012 Ran by Jill End Room (administrator) on 06-02-2012 at 11:35:21 Running from "C:\Users\Jill End Room\Desktop" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal **************************************************************** Internet Services: ============ Connection Status: ============== Localhost is accessible. LAN connected. Google IP is accessible. Yahoo IP is accessible. IE proxy is enabled. Windows Firewall: ============= mpsdrv Service is not running. Checking service configuration: The start type of mpsdrv service is OK. The ImagePath of mpsdrv service is OK. MpsSvc Service is not running. Checking service configuration: Checking Start type: Attention! Unable to open MpsSvc registry key. The service key does not exist. Checking ImagePath: Attention! Unable to open MpsSvc registry key. The service key does not exist. Checking ServiceDll: Attention! Unable to open MpsSvc registry key. The service key does not exist. Firewall Disabled Policy: ================== System Restore: ============ System Restore Disabled Policy: ======================== Security Center: ============ wscsvc Service is not running. Checking service configuration: Checking Start type: Attention! Unable to open wscsvc registry key. The service key does not exist. Checking ImagePath: Attention! Unable to open wscsvc registry key. The service key does not exist. Checking ServiceDll: Attention! Unable to open wscsvc registry key. The service key does not exist. Windows Update: =========== File Check: ======== C:\Windows\System32\nsisvc.dll => MD5 is legit C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit C:\Windows\System32\dhcpcore.dll => MD5 is legit C:\Windows\System32\drivers\afd.sys => MD5 is legit C:\Windows\System32\drivers\tdx.sys => MD5 is legit C:\Windows\System32\Drivers\tcpip.sys => MD5 is legit C:\Windows\System32\dnsrslvr.dll => MD5 is legit C:\Windows\System32\mpssvc.dll => MD5 is legit C:\Windows\System32\bfe.dll => MD5 is legit C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit C:\Windows\System32\SDRSVC.dll => MD5 is legit C:\Windows\System32\vssvc.exe => MD5 is legit C:\Windows\System32\wscsvc.dll => MD5 is legit C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit C:\Windows\System32\wuaueng.dll => MD5 is legit C:\Windows\System32\qmgr.dll => MD5 is legit C:\Windows\System32\es.dll => MD5 is legit C:\Windows\System32\cryptsvc.dll => MD5 is legit C:\Windows\System32\svchost.exe => MD5 is legit C:\Windows\System32\rpcss.dll => MD5 is legit **** End of log ****
  6. Hi, I'm running windows 7 home premium 64-bit. A scan with Spybot Search and Destroy this week found Smitfraud-c.generic, and a scan with TDSSKiller found Rootkit.Boot.Pihar.b. Both were supposedly removed by those programs. However, I'm also running Mcafee - which failed to find that malware. Now, Mcafee's firewall will not stay activated. When I try to start the service, I get a msg that says: error 1075: the dependency service does not exist or has been marked for deletion. Now I don't know if my system has been fully cleaned. Here are the DDS logs. I also have a HijackThis log and TDSS logs if necessary. Thanks guys- . DDS (Ver_2011-08-26.01) - NTFSAMD64 Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_22 Run by Jill End Room at 15:15:24 on 2012-02-05 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.6103.4397 [GMT -5:00] . AV: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: McAfee Anti-Virus and Anti-Spyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A} FW: McAfee Firewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\atieclxx.exe C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Users\Jill End Room\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\mfevtps.exe C:\Windows\system32\rundll32.exe C:\Windows\system32\rundll32.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\PDF Complete\pdfsvc.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files (x86)\Encore\Common\RaRegistry.exe C:\Program Files (x86)\Encore\Common\RaRegistry64.exe C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe C:\Program Files\Microsoft IntelliType Pro\itype.exe C:\Program Files\Logitech\SetPointP\SetPoint.exe C:\Program Files\McAfee\MAT\McPvTray.exe C:\Program Files (x86)\AIM\aim.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files\McAfee.com\Agent\mcagent.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Ceton Corp\Ceton InfiniTV\InfiniTVSvc.exe C:\Program Files\Ceton Corp\Ceton InfiniTV\TAHSP.exe C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\ehome\ehRecvr.exe C:\Windows\system32\WUDFHost.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll mWinlogon: Userinit=userinit.exe, BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120123110806.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File uRun: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US uRun: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [<NO NAME>] mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab TCP: DhcpNameServer = 167.206.251.130 167.206.251.129 192.168.1.1 TCP: Interfaces\{8B2C411D-7312-426E-9D03-818A6B6E25BC} : DhcpNameServer = 167.206.251.130 167.206.251.129 192.168.1.1 TCP: Interfaces\{96803927-403C-4992-B31E-B2F189A757A5} : DhcpNameServer = 167.206.251.130 167.206.251.129 TCP: Interfaces\{96803927-403C-4992-B31E-B2F189A757A5}\C696E6B6379737 : DhcpNameServer = 167.206.251.130 167.206.251.129 Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\McAfee\MSC\McSnIePl.dll Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\Advisor\System\BAVoilaX.dll Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~2\McAfee\SITEAD~1\McIEPlg.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll BHO-X64: Spybot-S&D IE Protection: {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll BHO-X64: scriptproxy: {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files (x86)\Common Files\McAfee\SystemCore\ScriptSn.20120123110806.dll BHO-X64: scriptproxy - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Skype Plug-In: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO-X64: SkypeIEPluginBHO - No File BHO-X64: McAfee SiteAdvisor BHO: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll BHO-X64: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~2\mcafee\SITEAD~1\mcieplg.dll TB-X64: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [(Default)] mRun-x64: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Jill End Room\AppData\Roaming\Mozilla\Firefox\Profiles\aizpnd0b.default\ FF - prefs.js: browser.startup.homepage - yahoo.com FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\progra~2\mcafee\msc\npMcSnFFPl.dll FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\McAfee\SiteAdvisor\NPMcFFPlg32.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.0.60831.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnu.dll FF - plugin: C:\Program Files (x86)\Mozilla Firefox\plugins\npdnupdater2.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll FF - plugin: C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Users\Jill End Room\AppData\Local\Google\Update\1.3.21.99\npGoogleUpdate3.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32.dll . ---- FIREFOX POLICIES ---- FF - user.js: general.useragent.extra.brc - FF - user.js: network.protocol-handler.warn-external.dnupdate - false ============= SERVICES / DRIVERS =============== . R0 McPvDrv;McPvDrv Driver;C:\Windows\system32\drivers\McPvDrv.sys --> C:\Windows\system32\drivers\McPvDrv.sys [?] R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\system32\drivers\mfehidk.sys --> C:\Windows\system32\drivers\mfehidk.sys [?] R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\system32\drivers\mfewfpk.sys --> C:\Windows\system32\drivers\mfewfpk.sys [?] R1 mfenlfk;McAfee NDIS Light Filter;C:\Windows\system32\DRIVERS\mfenlfk.sys --> C:\Windows\system32\DRIVERS\mfenlfk.sys [?] R1 MOBKFilter;MOBKFilter;C:\Windows\system32\DRIVERS\MOBK.sys --> C:\Windows\system32\DRIVERS\MOBK.sys [?] R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-11 140672] R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?] R2 BackupService;BackupService;C:\Users\Jill End Room\AppData\Roaming\HP SimpleSave Application\uUACTokenSvc.exe [2011-3-19 83512] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2010-10-20 821664] R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896] R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2010-8-20 92216] R2 InfiniTVSvc;Ceton InfiniTV Service;C:\Program Files\Ceton Corp\Ceton InfiniTV\InfiniTVSvc.exe [2011-10-14 69392] R2 InfiniTVTAHSP;Ceton Tuning Adapter Host Service;C:\Program Files\Ceton Corp\Ceton InfiniTV\TAHSP.exe [2011-10-14 89088] R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-1-23 249936] R2 McProxy;McAfee Proxy Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-1-23 249936] R2 McShield;McAfee McShield;C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe [2012-1-23 199272] R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2012-1-23 208536] R2 mfevtp;McAfee Validation Trust Protection Service;"C:\Windows\system32\mfevtps.exe" --> C:\Windows\system32\mfevtps.exe [?] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568] R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-3-11 1121304] R2 RalinkRegistryWriter;Ralink Registry Writer;C:\Program Files (x86)\Encore\Common\RaRegistry.exe [2011-3-19 185632] R2 RalinkRegistryWriter64;Ralink Registry Writer 64;C:\Program Files (x86)\Encore\Common\RaRegistry64.exe [2011-3-19 212256] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2010-9-14 508264] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-1-7 378984] R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2011-12-8 2123584] R3 ceton_mocur;Ceton InfiniTV Network Device;C:\Windows\system32\DRIVERS\ceton_mocur.sys --> C:\Windows\system32\DRIVERS\ceton_mocur.sys [?] R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?] R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\system32\drivers\mfeavfk.sys --> C:\Windows\system32\drivers\mfeavfk.sys [?] R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\system32\drivers\mfefirek.sys --> C:\Windows\system32\drivers\mfefirek.sys [?] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;C:\Windows\system32\drivers\nvhda64v.sys --> C:\Windows\system32\drivers\nvhda64v.sys [?] R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\system32\DRIVERS\Rt64win7.sys --> C:\Windows\system32\DRIVERS\Rt64win7.sys [?] R3 Sftfs;Sftfs;C:\Windows\system32\DRIVERS\Sftfslh.sys --> C:\Windows\system32\DRIVERS\Sftfslh.sys [?] R3 Sftplay;Sftplay;C:\Windows\system32\DRIVERS\Sftplaylh.sys --> C:\Windows\system32\DRIVERS\Sftplaylh.sys [?] R3 Sftredir;Sftredir;C:\Windows\system32\DRIVERS\Sftredirlh.sys --> C:\Windows\system32\DRIVERS\Sftredirlh.sys [?] R3 Sftvol;Sftvol;C:\Windows\system32\DRIVERS\Sftvollh.sys --> C:\Windows\system32\DRIVERS\Sftvollh.sys [?] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2010-9-14 219496] R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [2011-12-2 11856] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-3-11 13336] S2 McMPFSvc;McAfee Personal Firewall Service;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-1-23 249936] S2 McNaiAnn;McAfee VirusScan Announcer;C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe [2012-1-23 249936] S2 MOBKbackup;McAfee Online Backup;C:\Program Files (x86)\McAfee Online Backup\MOBKbackup.exe [2010-4-13 231224] S2 SBSDWSCService;SBSD Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2012-2-3 1153368] S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-3-11 2320920] S3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?] S3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?] S3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?] S3 cfwids;McAfee Inc. cfwids;C:\Windows\system32\drivers\cfwids.sys --> C:\Windows\system32\drivers\cfwids.sys [?] S3 mferkdet;McAfee Inc. mferkdet;C:\Windows\system32\drivers\mferkdet.sys --> C:\Windows\system32\drivers\mferkdet.sys [?] S3 netr28ux;RT2870 USB Extensible Wireless LAN Card Driver;C:\Windows\system32\DRIVERS\netr28ux.sys --> C:\Windows\system32\DRIVERS\netr28ux.sys [?] S3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184] S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?] S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\system32\DRIVERS\wdcsam64.sys --> C:\Windows\system32\DRIVERS\wdcsam64.sys [?] S4 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344] . =============== Created Last 30 ================ . 2012-02-05 18:37:11 34624 ----a-w- C:\Windows\System32\TURegOpt.exe 2012-02-05 18:37:11 25920 ----a-w- C:\Windows\System32\authuitu.dll 2012-02-05 18:37:11 21312 ----a-w- C:\Windows\SysWow64\authuitu.dll 2012-02-05 18:36:59 -------- d-----w- C:\Users\Jill End Room\AppData\Roaming\TuneUp Software 2012-02-05 18:36:52 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2012 2012-02-05 18:36:15 -------- d-----w- C:\ProgramData\TuneUp Software 2012-02-05 18:36:10 -------- d-sh--w- C:\ProgramData\{32364CEA-7855-4A3C-B674-53D8E9B97936} 2012-02-05 16:59:09 -------- d-----w- C:\Program Files (x86)\stinger 2012-02-05 16:57:58 -------- d-----w- C:\Users\Jill End Room\AppData\Roaming\SUPERAntiSpyware.com 2012-02-05 16:57:44 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-02-05 16:57:44 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-02-03 23:23:44 -------- d-----w- C:\TDSSKiller_Quarantine 2012-02-03 22:54:51 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2012-02-03 22:54:51 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2012-01-30 16:36:16 -------- d-----w- C:\Users\Jill End Room\AppData\Local\CyberLink 2012-01-30 16:36:12 -------- d-----w- C:\Users\Jill End Room\AppData\Local\PowerCinema 2012-01-23 16:09:49 -------- d-----w- C:\Program Files (x86)\McAfeeMOBK 2012-01-23 16:09:42 66040 ----a-w- C:\Windows\System32\drivers\MOBK.sys 2012-01-23 16:09:42 -------- d-----w- C:\Program Files (x86)\McAfee Online Backup 2012-01-23 16:09:12 71800 ----a-w- C:\Windows\System32\drivers\McPvDrv.sys 2012-01-23 16:08:19 -------- d-----w- C:\Program Files (x86)\McAfee.com 2012-01-23 16:08:06 28760 ----a-w- C:\Program Files (x86)\Mozilla Firefox\ScriptFF.dll 2012-01-23 16:08:06 10248 ----a-w- C:\Windows\System32\drivers\mfeclnk.sys 2012-01-23 16:08:06 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee 2012-01-23 16:08:03 75808 ----a-w- C:\Windows\System32\drivers\mfenlfk.sys 2012-01-23 16:08:03 65264 ----a-w- C:\Windows\System32\drivers\cfwids.sys 2012-01-23 16:08:03 481768 ----a-w- C:\Windows\System32\drivers\mfefirek.sys 2012-01-23 16:08:03 284648 ----a-w- C:\Windows\System32\drivers\mfewfpk.sys 2012-01-23 16:08:03 229528 ----a-w- C:\Windows\System32\drivers\mfeavfk.sys 2012-01-23 16:08:03 100912 ----a-w- C:\Windows\System32\drivers\mferkdet.sys 2012-01-23 16:07:56 -------- d-----w- C:\Program Files\McAfee.com 2012-01-23 16:07:56 -------- d-----w- C:\Program Files\McAfee 2012-01-23 16:07:49 -------- d-----w- C:\Program Files (x86)\McAfee 2012-01-23 02:49:07 -------- d-----w- C:\Users\Jill End Room\AppData\Local\McAfee Anti-Theft 2012-01-23 02:48:27 -------- d-----w- C:\Program Files\Common Files\McAfee 2012-01-23 02:37:18 161168 ----a-w- C:\Windows\System32\mfevtps.exe 2012-01-14 18:13:21 -------- d-----w- C:\Program Files (x86)\World of Warcraft 2012-01-14 18:13:21 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment 2012-01-14 18:12:27 -------- d-----w- C:\ProgramData\Blizzard Entertainment 2012-01-11 15:57:12 1572864 ----a-w- C:\Windows\System32\quartz.dll 2012-01-11 15:57:12 1328128 ----a-w- C:\Windows\SysWow64\quartz.dll 2012-01-11 15:57:11 514560 ----a-w- C:\Windows\SysWow64\qdvd.dll 2012-01-11 15:57:11 366592 ----a-w- C:\Windows\System32\qdvd.dll 2012-01-11 15:57:10 1731920 ----a-w- C:\Windows\System32\ntdll.dll 2012-01-11 15:57:10 1292080 ----a-w- C:\Windows\SysWow64\ntdll.dll 2012-01-11 15:57:09 77312 ----a-w- C:\Windows\System32\packager.dll 2012-01-11 15:57:09 67072 ----a-w- C:\Windows\SysWow64\packager.dll 2012-01-07 21:15:57 626688 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcr80.dll 2012-01-07 21:15:57 548864 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcp80.dll 2012-01-07 21:15:57 479232 ----a-w- C:\Program Files (x86)\Mozilla Firefox\msvcm80.dll 2012-01-07 21:15:57 45016 ----a-w- C:\Program Files (x86)\Mozilla Firefox\mozutils.dll 2012-01-07 15:42:19 -------- d-----w- C:\Windows\System32\wbem\Framework\root\CPUThermometer 2012-01-07 15:42:19 -------- d-----w- C:\Windows\System32\wbem\Framework\root 2012-01-07 15:42:19 -------- d-----w- C:\Windows\System32\wbem\Framework 2012-01-06 22:10:17 -------- d-----w- C:\Program Files\Microsoft 2012-01-06 21:58:19 539984 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCESpotlight\MCESpotlight\SpotlightResources.dll 2012-01-06 21:54:40 -------- d-----w- C:\Windows\ehome 2012-01-06 21:40:18 737072 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\SportsV2\SportsTemplateCore\Microsoft.MediaCenter.Sports.UI.dll 2012-01-06 21:40:05 4283672 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\UpdateableMarkup\markup.dll 2012-01-06 21:39:53 42776 ----a-w- C:\ProgramData\Microsoft\eHome\Packages\MCEClientUX\dSM\StartResources.dll 2012-01-06 21:11:28 -------- d-----w- C:\Program Files\Ceton Corp . ==================== Find3M ==================== . 2012-01-06 16:28:59 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys 2011-12-25 18:19:32 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-11-24 04:52:09 3145216 ----a-w- C:\Windows\System32\win32k.sys 2011-11-17 06:49:14 95600 ----a-w- C:\Windows\System32\drivers\ksecdd.sys 2011-11-17 06:49:14 152432 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys 2011-11-17 06:44:43 459232 ----a-w- C:\Windows\System32\drivers\cng.sys 2011-11-17 06:35:28 395776 ----a-w- C:\Windows\System32\webio.dll 2011-11-17 06:35:26 29184 ----a-w- C:\Windows\System32\sspisrv.dll 2011-11-17 06:35:26 136192 ----a-w- C:\Windows\System32\sspicli.dll 2011-11-17 06:35:25 340992 ----a-w- C:\Windows\System32\schannel.dll 2011-11-17 06:35:25 28160 ----a-w- C:\Windows\System32\secur32.dll 2011-11-17 06:35:19 1447936 ----a-w- C:\Windows\System32\lsasrv.dll 2011-11-17 06:33:55 31232 ----a-w- C:\Windows\System32\lsass.exe 2011-11-17 05:35:02 314880 ----a-w- C:\Windows\SysWow64\webio.dll 2011-11-17 05:34:52 224768 ----a-w- C:\Windows\SysWow64\schannel.dll 2011-11-17 05:34:52 22016 ----a-w- C:\Windows\SysWow64\secur32.dll 2011-11-17 05:28:48 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll . ============= FINISH: 15:16:26.09 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-08-26.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 3/19/2011 2:57:10 PM System Uptime: 2/5/2012 3:12:35 PM (0 hours ago) . Motherboard: MSI | | 2A9C Processor: Intel® Core™ i5 CPU 760 @ 2.80GHz | CPU 1 | 2801/133mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 918 GiB total, 736.885 GiB free. D: is FIXED (NTFS) - 13 GiB total, 1.592 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP95: 2/4/2012 1:04:36 AM - Scheduled Checkpoint RP96: 2/5/2012 1:36:30 PM - Installed TuneUp Utilities 2012 RP97: 2/5/2012 2:33:02 PM - Removed Microsoft Office Professional Plus 2010 . ==== Installed Programs ====================== . ACDSee ActiveCheck component for HP Active Support Library Adobe AIR Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 10 ActiveX Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Stock Photos 1.0 Agatha Christie - Peril at End House AIM 7 Bejeweled 2 Deluxe Belarc Advisor 8.2 Blackhawk Striker 2 Blasterball 3 Bounce Symphony Build-a-lot 2 Cake Mania Catalyst Control Center - Branding Catalyst Control Center Graphics Previews Common Catalyst Control Center Graphics Previews Vista Catalyst Control Center Localization All ccc-core-static CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Czech CCC Help Danish CCC Help Dutch CCC Help English CCC Help Finnish CCC Help French CCC Help German CCC Help Greek CCC Help Hungarian CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Norwegian CCC Help Polish CCC Help Portuguese CCC Help Russian CCC Help Spanish CCC Help Swedish CCC Help Thai CCC Help Turkish Chuzzle Deluxe Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module CoffeeCup HTML Editor CyberLink DVD Suite Deluxe D3DX10 DHTML Editing Component Diner Dash 2 Restaurant Rescue Dora's World Adventure Download Updater (AOL LLC) DVD Menu Pack for HP MediaSmart Video Encore 802.11n Wireless Adapter ENUWI-N3 eReg Escape Rosecliff Island Farm Frenzy FATE FileZilla Client 3.3.5.1 Final Drive Nitro Google Chrome HandBrake 0.9.5 Heroes of Hellas 2 - Olympia HP Customer Experience Enhancements HP Game Console HP Games HP MediaSmart DVD HP MediaSmart Music HP MediaSmart Photo HP MediaSmart Video HP MediaSmart/TouchSmart Netflix HP MovieStore HP Odometer HP Setup HP Setup Manager HP Support Assistant HP Support Information HP Update HPAsset component for HP Active Support Library HydraVision Intel® Management Engine Components Intel® Rapid Storage Technology Java Auto Updater Java™ 6 Update 22 Jewel Quest Solitaire 2 Junk Mail filter update LabelPrint LightScribe System Software MailWasher Pro McAfee Online Backup McAfee Total Protection Microsoft Office 2010 Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft WSE 3.0 Runtime Movie Theme Pack for HP MediaSmart Video Mozilla Firefox 10.0 (x86 en-US) Mozilla Thunderbird (3.1.14) MSVCRT MSVCRT_amd64 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Mystery P.I. - The London Caper Norton Online Backup NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OnLive PDF Complete Special Edition Penguins! PhotoNow! Plants vs. Zombies PlayReady PC Runtime x86 Poker Superstars III Polar Bowler Polar Golfer Power2Go PowerDirector PressReader Realtek High Definition Audio Driver Recovery Manager RoxioNow Player Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Skype Toolbars Skype™ 5.1 Spotify Spybot - Search & Destroy System Requirements Lab CYRI The Witcher 2 TuneUp Utilities 2012 TuneUp Utilities Language Pack (en-US) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Virtual Families Virtual Villagers 4 - The Tree of Life Wheel of Fortune 2 Windows Live Communications Platform Windows Live Essentials Windows Live Installer Windows Live Mail Windows Live Messenger Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live SOXE Windows Live SOXE Definitions Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources World of Warcraft Zinio Reader 4 Zuma Deluxe . ==== Event Viewer Messages From Past Week ======== . 2/5/2012 3:16:24 PM, Error: Service Control Manager [7003] - The McAfee Personal Firewall Service service depends the following service: MpsSvc. This service might not be installed. 2/5/2012 3:14:09 PM, Error: Service Control Manager [7024] - The HomeGroup Listener service terminated with service-specific error %%-2147023143. 2/5/2012 3:12:56 PM, Error: Service Control Manager [7003] - The SBSD Security Center Service service depends the following service: wscsvc. This service might not be installed. 2/5/2012 3:12:54 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service. 2/5/2012 3:09:59 PM, Error: Service Control Manager [7001] - The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:08:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {DC7EF8E1-824F-4110-AB43-1604DA9B4F40} 2/5/2012 3:08:15 PM, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:08:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 2/5/2012 3:08:14 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 2/5/2012 3:08:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 2/5/2012 3:08:13 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 2/5/2012 3:08:11 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 2/5/2012 3:08:05 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 2/5/2012 3:08:00 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service TermService with arguments "" in order to run the server: {F9A874B6-F8A8-4D73-B5A8-AB610816828B} 2/5/2012 3:07:59 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk MOBKFilter NetBIOS NetBT nsiproxy Psched rdbss SASDIFSV SASKUTIL spldr tdx vwififlt Wanarpv6 WfpLwf 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The Media Center Extender Service service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The McAfee Validation Trust Protection Service service depends on the McAfee Inc. mfehidk service which failed to start because of the following error: A device attached to the system is not functioning. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The McAfee Proxy Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The McAfee McShield service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The McAfee Firewall Core Service service depends on the McAfee Validation Trust Protection Service service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The McAfee Anti-Spam Service service depends on the McAfee Firewall Core Service service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:59 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:57 PM, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 3:07:57 PM, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/5/2012 3:07:57 PM, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 2/5/2012 3:07:57 PM, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 2/5/2012 3:07:57 PM, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 2/5/2012 3:07:57 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 2/5/2012 12:47:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {D3DCB472-7261-43CE-924B-0704BD730D5F} 2/5/2012 12:47:39 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF} 2/5/2012 12:12:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McNaiAnn with arguments "" in order to run the server: {395633B1-EED9-4DFC-B67F-9788B51C9F06} 2/5/2012 12:00:52 PM, Error: Service Control Manager [7023] - The BFE service terminated with the following error: Access is denied. 2/3/2012 7:11:15 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed. 2/3/2012 7:11:11 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed. 2/3/2012 7:00:38 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 2/3/2012 6:59:38 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Server service, but this action failed with the following error: An instance of the service is already running. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The User Profile Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The System Event Notification Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Server service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Multimedia Class Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Group Policy Client service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/3/2012 6:58:38 PM, Error: Service Control Manager [7031] - The Extensible Authentication Protocol service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. 2/3/2012 6:56:50 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service McAfee SiteAdvisor Service with arguments "" in order to run the server: {5A90F5EE-16B8-4C2A-81B3-FD5329BA477C} 2/3/2012 6:41:15 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD DfsC discache mfehidk mfenlfk MOBKFilter NetBIOS NetBT nsiproxy Psched rdbss spldr tdx vwififlt Wanarpv6 WfpLwf 2/3/2012 12:04:06 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Ceton InfiniTV Service service to connect. 2/3/2012 12:04:06 AM, Error: Service Control Manager [7000] - The Ceton InfiniTV Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 1/30/2012 1:28:52 AM, Error: srv [2017] - The server was unable to allocate from the system nonpaged pool because the server reached the configured limit for nonpaged pool allocations. . ==== End Of File ===========================
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.